Cloud-based systems and methods for X-ray tube and generator configuration management

ABSTRACT

Methods and apparatus to prevent tampering with an x-ray tube are disclosed. An example circuit board device positioned with respect to the x-ray tube includes a processor and a memory. The example processor is to at least determine configuration information for the circuit board device. The example processor is to at least compare the determined configuration information to stored configuration information in the memory. The example processor is to at least, when the determined configuration information is verified with the stored configuration information, enable the circuit board device. The example processor is to at least, when the determined configuration information is not verified with the stored configuration information, i) disable the circuit board device and ii) process board reactivation before enabling the circuit board device.

FIELD OF THE DISCLOSURE

This disclosure relates generally to x-ray configuration management,and, more particularly, to cloud-based methods, systems, and apparatusfor x-ray tube and generator configuration management.

BACKGROUND

In non-invasive imaging systems, x-ray tubes are used in various x-raysystems and computed tomography (CT) systems as a source of ionizing(x-ray) radiation. The ionizing radiation is emitted from an x-ray tubein response to control signals during an examination or imagingsequence. An emitter within the cathode emits a stream of electrons inresponse to heat resulting from an applied electrical current, and/or anelectric field resulting from an applied voltage to a properly shapedmetallic plate in front of the emitter. The anode includes a target thatis impacted by the stream of electrons. The target, as a result ofimpact by the electron beam, produces x-ray radiation to be emittedtoward an imaged volume. In such imaging systems, a portion of theradiation passes through a subject of interest, such as a patient,baggage, or an article of manufacture, and impacts a digital detector ora photographic plate where the image data is collected. The signals arethen processed to generate an image that may be displayed for review.Parts of the x-ray system, including the x-ray tube, deteriorate overtime based on repeated use. Failure and/or other unacceptabledegradation in use can occur unpredictably at inopportune times,resulting in a need to reobtain images and unnecessary x-ray exposurefor patients, as well as wasted patient, radiologist, and x-raytechnician time to arrange for a repeated scan. X-ray system downtimefor repairs also negatively impacts healthcare facility scheduling,billing, and patient care. Additionally, unregulated, imitation, and/orother knock-off parts installed by untrained, unlicensed repairpersonnel pose a danger to x-ray system reliability, x-ray systemaccuracy, x-ray system function, and patient safety.

BRIEF SUMMARY

Certain examples provide a circuit board device positioned with respectto an x-ray tube to prevent tampering with the x-ray tube. The examplecircuit board device includes a processor and a memory. The exampleprocessor is to at least determine configuration information for thecircuit board device. The example processor is to at least compare thedetermined configuration information to stored configuration informationin the memory. The example processor is to at least, when the determinedconfiguration information is verified with the stored configurationinformation, enable the circuit board device. The example processor isto at least, when the determined configuration information is notverified with the stored configuration information, i) disable thecircuit board device and ii) process board reactivation before enablingthe circuit board device.

Certain examples provide a tangible computer readable storage mediumincluding instructions which, when executed, cause a processor to atleast determine configuration information for a circuit board deviceassociated with an x-ray tube. The example instructions, when executed,cause a processor to at least compare the determined configurationinformation to stored configuration information. The exampleinstructions, when executed, cause a processor to at least, when thedetermined configuration information is verified with the storedconfiguration information, enable the circuit board device. The exampleinstructions, when executed, cause a processor to at least, when thedetermined configuration information is not verified with the storedconfiguration information, i) disable the circuit board device and ii)process board reactivation before enabling the circuit board device.

Certain examples provide a method of preventing tampering with an x-raytube. The example method includes determining, using a processor,configuration information for a circuit board device associated with thex-ray tube. The example method includes comparing, using the processor,the determined configuration information to stored configurationinformation in the memory. The example method includes, when thedetermined configuration information is verified with the storedconfiguration information, enabling the circuit board device. Theexample method includes, when the determined configuration informationis not verified with the stored configuration information, i) disablingthe circuit board device and ii) processing board reactivation beforeenabling the circuit board device.

BRIEF DESCRIPTION OF THE DRAWINGS

FIGS. 1-2 show an example computed tomography (CT) imaging system.

FIG. 3 illustrates an example x-ray tube that can form and/or be used inthe x-ray source of the example of FIGS. 1-2.

FIG. 4 illustrates an example implementation of the tamper detectioncircuit board.

FIG. 5 illustrates an example implementation of a cloud infrastructurein communication with the tamper detection board.

FIG. 6 illustrates an example monitoring ecosystem in which the x-raytube and tamper detection board communicate via a wireless channel withthe cloud infrastructure, directly and/or via the edge device.

FIGS. 7-8 illustrate flow diagrams for example methods to detect and/orregulate tampering with an x-ray system.

FIG. 9 is a block diagram of a processing system structured to executethe example machine readable instructions of FIGS. 7-8 to implementand/or interact with the example board and/or cloud infrastructure ofFIGS. 1-6.

The figures are not to scale. Wherever possible, the same referencenumbers will be used throughout the drawing(s) and accompanying writtendescription to refer to the same or like parts.

DETAILED DESCRIPTION

In the following detailed description, reference is made to theaccompanying drawings that form a part hereof, and in which is shown byway of illustration specific examples that may be practiced. Theseexamples are described in sufficient detail to enable one skilled in theart to practice the subject matter, and it is to be understood thatother examples may be utilized and that logical, mechanical, electricaland other changes may be made without departing from the scope of thesubject matter of this disclosure. The following detailed descriptionis, therefore, provided to describe an exemplary implementation and notto be taken as limiting on the scope of the subject matter described inthis disclosure. Certain features from different aspects of thefollowing description may be combined to form yet new aspects of thesubject matter discussed below.

When introducing elements of various embodiments of the presentdisclosure, the articles “a,” “an,” “the,” and “said” are intended tomean that there are one or more of the elements. The terms “comprising,”“including,” and “having” are intended to be inclusive and mean thatthere may be additional elements other than the listed elements.

As used herein, the terms “system,” “unit,” “module,” “engine,” etc.,may include a hardware and/or software system that operates to performone or more functions. For example, a module, unit, or system mayinclude a computer processor, controller, and/or other logic-baseddevice that performs operations based on instructions stored on atangible and non-transitory computer readable storage medium, such as acomputer memory. Alternatively, a module, unit, engine, or system mayinclude a hard-wired device that performs operations based on hard-wiredlogic of the device. Various modules, units, engines, and/or systemsshown in the attached figures may represent the hardware that operatesbased on software or hardwired instructions, the software that directshardware to perform the operations, or a combination thereof.

Certain examples provide systems and methods to manage an integrity ofsystem configuration of an x-ray tube and x-ray generator throughcloud-based systems and methods deployed “in the field”. In certainexamples, a tamper detection board interacts with a cloud-based securemachine connectivity and access mechanism to enable access only to theauthorized spare parts for the x-ray system. Configuration is managedonline from the cloud which provides a secure system to store andcontrol system configuration.

Tamper detection and/or prevention techniques typically involve erasingand/or damaging stored authentication keys when tampering is detected.Certain examples detect tampering used to corrupt stored keys. Certainexamples provide a cloud based system to control configuration integrityof medical systems. Tamper detection/prevention helps to secure x-rayimaging devices and to ensure proper terms of use of deployed devices inthe field, thus improving the quality of service provided to customers.

Certain examples leverage cloud and digital analytics to managecomponents of an x-ray system such as the x-ray tube, generator, etc.,over a secured cloud channel. Certain examples use a smart processingboard to detect tampering mounted on the x-ray tube casing. When poweredup, the board checks the integrity of the data stored on the board'svolatile memory. If the measured configuration is found to match theconfiguration in memory, then the board allows operation to proceedfurther. If the measured configuration is found not to match theconfiguration in memory, then the board sends an alert signal to thecloud while disabling further operation of the x-ray tube by sending aconfiguration mismatch message to the cloud-based monitoring system aswell as to a system console. The disabled state can be overcome after avalid authorization is sent back to the board using the cloud system. Amessaging protocol, such as MQ Telemetry Transport (MQTT), etc., can beused to send an activation instruction to the processing board. Once theboard is reactivated, the board informs the cloud-based systemindicating that a valid configuration has been found and allows furtheroperation of x-tube and generator configuration.

In certain examples, a communication channel from which theconfiguration information is sent is a secured channel with userauthentication, such as a single sign-on (SSO)-based access, etc. Asecure communication channel helps ensure that only authorized personalcan send an access key to a data lake, for example. Data can be fetchedfrom the data lake by the processing board to be stored in the tamperdetection board for further power cycles. Tamper protection boardconnectivity to the cloud is facilitated using a communication channelsuch as a Wi-Fi, Bluetooth Low Energy (BLE), or local area network (LAN)channel, in which the tamper detection board connects to a single boardcomputer, which hosts a cloud-based engine, such as GE Predix®. Datareceived by the single board computer is sent to the data lake via thesecured channel, for example.

At power-up, the single board processing computer receives the mediaaccess control identifier (MAC ID) of the tamper detection board. TheMAC ID is sent to the central data lake to verify the authenticity orgenuineness of the tamper detection board. If the tamper detection boardis found to be genuine (e.g., a genuine spare), the single boardprocessing computer allows further communication with the tamperdetection board.

Thus, certain examples provide cloud-based configuration management tostore and control system configuration via systems and methods tosecurely read, write and authenticate keys on the tamper detectionboard. When the system is initially installed and/or when authorizedmaintenance occurs, certain examples provide a method to securely managethe system configuration from a cloud based application with no humanintervention. This maintains the integrity of the configurationmanagement process, for example. The tamper detection board stores anactivation key issued from the cloud during first installation, forexample.

X-Ray tubes contain many proprietary designs that bring value in termsof imaging quality, life, reliability, etc. There are numerous attemptsmade in the field to reverse engineer x-ray tube configuration andreplicate the same configuration with cheap and inferior substitutes. Toprotect proper x-ray tube configuration and, more importantly, to helpensure the x-ray tubes are used in the right way without tampering,systems and methods to detect and prevent unauthorized changes to x-Raytubes. Cloud-based and secure communication channel links to x-ray tubescan be used to manage configuration to provide a robust configurationintegrity management system for x-ray tubes and generators. An attemptto tamper with the x-ray system is detected and flagged and a providerand/or other maintainer is notified.

With authentic spares, a certain quality of performance can beguaranteed to a customer. This quality can be in question when spuriousspares are used during maintenance. A configuration management andtamper protection system helps ensure that the guaranteed performance ismaintained for the customer. An arrangement of tamper detection boardcombined with a cloud-based system offers a number of value propositionsfrom genuine spare detection to new service models in which the x-raytube and generator can be leased out for a prepaid time. Occasionally,spurious spares can also cause damage to other parts of the x-raymachine. Effective configuration management can also prevent damage dueto cheap substitutes and help ensure guaranteed quality of service frommedical devices on the field. Certain examples provide non-invasive andpassive tamper detection methods to help ensure x-ray tube security evenafter months of storage and transportation. If the x-ray tube and/orgenerator has been tampered with, an alert can be generated and thecomponent and/or x-ray system can be deactivated remotely from thecloud, for example.

In operation, for example, a sensor-enabled board configured on thex-ray tube detects tampering. Once the board detects the tamper, theboard runs a cyclic redundancy check (CRC) internally (e.g., on everypower up as well, etc.). When the CRC check does not match the stored orother reference value, a message is relayed to an edge device incommunication with the cloud-based system. The edge device waits forauthorization from the cloud before the edge device communicates withthe board on the x-ray tube to restart operation. In certain examples, amessage can be generated to notify support personnel that tampering hasbeen identified and is being processed, for example.

Turning to the figures, FIGS. 1 and 2 show a computed tomography (CT)imaging system 10 including a gantry 12. Gantry 12 has a rotary member13 with an x-ray source 14 (e.g., an x-ray tube) that projects a beam ofx-rays 16 toward a detector assembly 18 on the opposite side of therotary member 13. A main bearing may be utilized to attach the rotarymember 13 to the stationary structure of the gantry 12. The x-ray source14 includes either a stationary target or a rotating target. Thedetector assembly 18 is formed by a plurality of detectors 20 and dataacquisition systems (DAS) 22, and can include a collimator. Theplurality of detectors 20 sense the projected x-rays that pass through asubject 24, and the DAS 22 converts the data to digital signals forsubsequent processing. Each detector 20 produces an analog or digitalelectrical signal that represents the intensity of an impinging x-raybeam and hence the attenuated beam as it passes through a subject 24.During a scan to acquire x-ray projection data, the rotary member 13 andthe components mounted thereon can rotate about a center of rotation.

Rotation of the rotary member 13 and operation of the x-ray source 14are governed by a control mechanism 26 of the CT system 10. The controlmechanism 26 can include an x-ray controller 28 and a generator 30 thatprovides power and timing signals to the x-ray source 14 and a gantrymotor controller 32 that controls the rotational speed and position ofthe rotary member 13. An image reconstructor 34 receives sampled anddigitized x-ray data from the DAS 22 and performs high speed imagereconstruction. The reconstructed image is output to a computer 36 whichstores the image in a computer storage device 38.

The computer 36 also receives commands and scanning parameters from anoperator via an operator console 40 that has some form of operatorinterface, such as a keyboard, mouse, touch sensitive controller, voiceactivated controller, or any other suitable input apparatus. A display42 allows the operator to observe the reconstructed image and other datafrom the computer 36. The operator supplied commands and parameters areused by the computer 36 to provide control signals and information tothe DAS 22, the x-ray controller 28, and the gantry motor controller 32.In addition, the computer 36 operates a table motor controller 44 whichcontrols a motorized table 46 to position the subject 24 and the gantry12. Particularly, the table 46 moves a subject 24 through a gantryopening 48, or bore, in whole or in part. A coordinate system 50 definesa patient or Z-axis 52 along which the subject 24 is moved in and out ofthe opening 48, a gantry circumferential or X-axis 54 along whichdetector assembly 18 passes, and a Y-axis 56 that passes along adirection from a focal spot of the x-ray tube 14 to the detectorassembly 18.

FIG. 3 illustrates an example x-ray tube 300 that can form and/or beused in the x-ray source 14 of the example of FIGS. 1-2. The examplex-ray tube 300 includes a tamper detection circuit board 310 mounted ona tube casing 330. The example tamper detection board 310 provides asecure machine connectivity and access mechanism to enable access to thex-ray tube 300 only for authorized spare parts, repair personnel, etc.Tamper detection and prevention is vital to secure proprietaryintellectual property in the x-ray imaging device, as well as to helpensure proper terms of use with respect to a deployed x-ray device 300in the field. Thus, quality of service can be maintained/improved.

FIG. 4 illustrates an example implementation of the tamper detectioncircuit board 310. In the example of FIG. 4, the board 310 includespassive electromagnetic circuitry embedded in the printed circuit board310. By embedding the components into the board 310, the tamper detectmechanism is itself difficult to detect and bypass. The exampleimplementation of the board 310 shown in FIG. 4 includes a magneticactuated switch 312, and an energy storage device 314 (e.g., capacitor,supercapacitor, etc.), as well as a processor or controller 316, amemory 318 (e.g., a volatile and/or non-volatile memory, etc.), and acommunication interface 320, such as for cloud connectivity via Wi-Fi,cellular, near field communication (NFC), and/or other wireless/wiredcommunication interface. The processor 316 can include memory 318 suchas volatile memory, non-volatile memory, etc., and/or the memory 318 canbe on the board 310 separate from the processor 316. While the board 310is mounted on the casing 330 of the x-ray tube 300, the magnetic switch312 remains closed. However, if the board 310 is removed from the casing330, the switch 312 opens and the board 310 is inactivated, disablingaccess to the x-ray tube 310 (e.g., physically and/or through datacorruption, data loss, etc.). For example, opening the switch 312 cutspower to the memory 318 and configuration information, such as anactivation or authorization key, etc., is wiped/erased/changed from thevolatile memory 318.

FIG. 5 illustrates an example implementation of a cloud infrastructure502 in communication with the tamper detection board 310. As shown inthe example of FIG. 5, the board 310 communicates with an edge device504 in and/or near the cloud 502, which facilitates exchange of datawith respect to the cloud infrastructure 502. The edge device 504provides information to a data store 506, for example. Thus, informationfrom the board 310 can be provided to the cloud 502 and stored in thedata store 506 for verification, analysis, authentication/authorization,etc. The cloud infrastructure 502 also includes a tamper detector/alertgenerator 508. The tamper detector/alert generator 508 can alert a user,system, application, and/or other device to tampering at the board 310,etc. In certain examples, the tamper detector/alert generator 508 cancommunicate with the board 310 to enable and/or disable access to thex-ray tube 300 based on determination or tampering or lack thereof, forexample. Via a workstation 510, a user can view x-ray tube 300 and/orboard 310 status and provide authentication and/or other command,control, query, feedback, etc., via an interface at the workstation 510,for example.

FIG. 6 illustrates an example monitoring ecosystem 600 in which thex-ray tube 300 and tamper detection board 310 communicate via a wirelesschannel 602 (e.g., Wi-Fi, etc.) with the cloud infrastructure 502,directly and/or via the edge device 504. The example edge device 504shown in FIG. 6 includes single board computer 604 (e.g., a RaspberryPi, etc.) with a communication interface 606 (e.g. a 3G data card, etc.)providing access to a cellular network 608. Data gathered and processedvia the cloud 502 to determine whether or not the board 310 and/or tube300 has been tampered with can then be provided to one or more outputssuch as the board 310, messaging/announcement 610, dashboard 612, etc.

As shown in the example of FIG. 6, x-ray tube 300 information can beprovided to and displayed via the dashboard 612. The example dashboard612 provides a list of identifier(s) 614 for available tube(s) 300 aswell as a field for an activation key 616 for each tube 300 and aselection 618 to activate the corresponding tube 300. To activate a tube300, a user locates the tube identifier 614 in the list and provides anactivate key/code 616 for the tube 300. The user can then select toactivate 618 that tube 300. Selecting to activate 618 the tube 300triggers a verification of the activation key/code 616 via the cloud 502(e.g., by the tamper detector/alert generator 508). If the activationkey/code 616 is verified/validated, then an activationcommand/instruction is transmitted from the cloud 502 to the board 310to enable the x-ray device 300.

In certain examples, the communication channel 602 is a secured channelwith user authentication, such as a single sign-on (SSO)-based access,etc. The secure communication channel 602 helps ensure that onlyauthorized personal can send an access key to and from the cloud 502,for example. Data can be fetched from the data store 506 in the cloud502 via the edge device 504 to be stored in the tamper detection board310 for further power cycles. Tamper protection board 310 connectivityto the cloud 502 is facilitated using the communication channel 602 suchas a Wi-Fi, BLE, or LAN channel, in which the tamper detection board 310connects to the edge device 504 (e.g., including the single boardcomputer 604, etc.), which communicates with and/or hosts a cloud-basedengine 508, such as GE Predix®. Data received by the single boardcomputer 604 is sent to the data store 506 via the secured channel, forexample.

At power-up, the single board processing computer 604 receives a mediaaccess control identifier (MAC ID) for the tamper detection board 310.The MAC ID is sent to the tamper detector/alert generator 508 to verifythe authenticity or genuineness of the tamper detection board 310 viathe data store 506 (e.g., a data lake, data warehouse, database, etc.)such as by verifying the MAC ID, performing a cyclic redundancy check,checksum, etc. If the tamper detection board 310 is found to be genuine(e.g., a genuine spare, untampered circuit board, etc.), the singleboard processing computer 604 allows further communication with thetamper detection board 310, for example.

When powered up, the tamper detection board 310 checks the integrity ofthe data stored on the board's volatile memory 318 (e.g., included withand/or separate from the processor 316, etc.). If the measuredconfiguration determined by the processor 316 is found to match theconfiguration stored in memory 318, then the board 310 allows operationof the tube 300 (e.g., for operation, repair, replacement,configuration, update, etc.) to proceed. If the measured configurationis found not to match the configuration stored in memory 318, then theboard 310 sends an alert signal to the cloud 502 (e.g., to the tamperdetector/alert generator 508, etc.) and disables further operation ofthe x-ray tube 300 by sending a configuration mismatch message to thetamper detector/alert generator 508 of the cloud-based monitoring system502. The disabled state can be overcome after a valid authorization issent back to the board 310 using the cloud system 502 (e.g., byverifying the activation key 616 for the tube 300 via the dashboard 612displayed at the workstation 510, etc.). A messaging protocol, such asMQ Telemetry Transport (MQTT), etc., can be used to send an activationinstruction to the processing board 310. Once the board 310 isreactivated, the board 310 informs the cloud-based system 502 indicatingthat a valid configuration has been found.

While example implementations of the x-ray tube 14, 300 and associatedcomponents 502, 600 are illustrated in conjunction with FIGS. 1-6,processes and/or devices illustrated in conjunction with FIGS. 1-6 canbe combined, divided, re-arranged, omitted, eliminated and/orimplemented in any other way. Further, the example board 310, switch312, energy storage device 314, processor 316, memory 318, communicationinterface 320, signal conditioning circuit 502, cloud infrastructure502, edge device 504, data store 506, tamper detector/alert generator508, workstation 510, single board computer 604, communication interface606, etc., of FIGS. 1-6 can be implemented by hardware, machine readableinstructions, software, firmware and/or any combination of hardware,machine readable instructions, software and/or firmware. Thus, forexample, any of the example board 310, switch 312, energy storage device314, processor 316, memory 318, communication interface 320, signalconditioning circuit 502, cloud infrastructure 502, edge device 504,data store 506, tamper detector/alert generator 508, workstation 510,single board computer 604, communication interface 606, etc., of FIGS.1-6 can be implemented by analog and/or digital circuit(s), logiccircuit(s), programmable processor(s), application specific integratedcircuit(s) (ASIC(s)), programmable logic device(s) (PLD(s)) and/or fieldprogrammable logic device(s) (FPLD(s)). When reading any of theapparatus or system claims of this patent to cover a purely softwareand/or firmware implementation, at least one of the example board 310,switch 312, energy storage device 314, processor 316, memory 318,communication interface 320, signal conditioning circuit 502, cloudinfrastructure 502, edge device 504, data store 506, tamperdetector/alert generator 508, workstation 510, single board computer604, communication interface 606, etc., of FIGS. 1-6 is/are herebyexpressly defined to include a tangible computer readable storage deviceor storage disk such as a memory, a digital versatile disk (DVD), acompact disk (CD), a Blu-ray disk, etc. storing the software and/orfirmware. Further still, the example board 310 can include elements,processes and/or devices in addition to, or instead of, thoseillustrated in conjunction with FIGS. 1-6, and/or may include more thanone of any or all of the illustrated elements, processes and devices.

Flowcharts representative of example machine readable instructions forimplementing and/or execution on the example tamper detection board 310and/or cloud infrastructure 502, algorithms executing on or with respectto the example tamper detection board 310 and/or cloud infrastructure502, and/or other components/processes of FIGS. 1-6 are shown inconjunction with FIGS. 7-8. Further, although the example program isdescribed with reference to the flowcharts illustrated in conjunctionwith FIGS. 7-8, many other methods can alternatively be used. Forexample, the order of execution of the blocks may be changed, and/orsome of the blocks described may be changed, eliminated, or combined.Although the flowcharts of FIGS. 7-8 depict example operations in anillustrated order, these operations are not exhaustive and are notlimited to the illustrated order. In addition, various changes andmodifications may be made by one skilled in the art within the spiritand scope of the disclosure. For example, blocks illustrated in theflowchart may be performed in an alternative order or may be performedin parallel.

As mentioned above, the example processes of FIGS. 7-8 an be implementedusing coded instructions (e.g., computer and/or machine readableinstructions) stored on a tangible computer readable storage medium suchas a hard disk drive, a flash memory, a read-only memory (ROM), acompact disk (CD), a digital versatile disk (DVD), a cache, arandom-access memory (RAM) and/or any other storage device or storagedisk in which information is stored for any duration (e.g., for extendedtime periods, permanently, for brief instances, for temporarilybuffering, and/or for caching of the information). As used herein, theterm tangible computer readable storage medium is expressly defined toinclude any type of computer readable storage device and/or storage diskand to exclude propagating signals and to exclude transmission media. Asused herein, “tangible computer readable storage medium” and “tangiblemachine readable storage medium” are used interchangeably. Additionallyor alternatively, the example processes of FIGS. 7-8 an be implementedusing coded instructions (e.g., computer and/or machine readableinstructions) stored on a non-transitory computer and/or machinereadable medium such as a hard disk drive, a flash memory, a read-onlymemory, a compact disk, a digital versatile disk, a cache, arandom-access memory and/or any other storage device or storage disk inwhich information is stored for any duration (e.g., for extended timeperiods, permanently, for brief instances, for temporarily buffering,and/or for caching of the information). As used herein, the termnon-transitory computer readable medium is expressly defined to includeany type of computer readable storage device and/or storage disk and toexclude propagating signals and to exclude transmission media. As usedherein, when the phrase “at least” is used as the transition term in apreamble of a claim, it is open-ended in the same manner as the term“comprising” is open ended. In addition, the term “including” isopen-ended in the same manner as the term “comprising” is open-ended.

FIG. 7 is a flow diagram of an example method 700 representative ofexample machine readable instructions that can be executed by the tamperdetection board 310, cloud infrastructure 502, etc., to monitor andregulate tampering with the board 310 and/or the associated x-ray tube300. At block 702, the tamper detection circuit board 310 is activated.For example, power is provided to the board 310, a button, switch, key,touchscreen, etc., is actuated, and/or other trigger such as attemptedaccess to the x-ray tube 300 activates the board 310.

At block 704, the tamper detection circuit board 310 evaluates theconfiguration of the board 310 to determine whether or not the board 310has been tampered with. For example, the tamper detection circuit board310 determines configuration information associated with the board 310and its x-ray tube 300. For example, the processor 316 of the tamperdetection board 310 determines its MAC ID, other identification code,capacitance and/or magnetic field information, component configuration,etc. The tamper detection board 310 can compare the determinedconfiguration information with stored configuration information toverify the determined configuration information. For example, theprocessor 316 compares the determined configuration information withstored configuration information saved in the memory 318, edge device504, and/or data store 506, etc. The comparison can be computed using aCRC of the determined configuration information, such as anactivation/authentication key, and the stored configuration information,such as an activation/authentication key, for example. Alternatively orin addition, the MAC ID of the board 310 can be verified. In certainexamples, the edge device 504 facilitates verification in case the cloud502 is disconnected from communication with the board 310, for example.

At block 706, if the determined configuration information is verified,then the board 310 configuration is acknowledged. At block 708, theboard 310 and/or tube 300 is enabled. For example, the board 310 isenabled so that the x-ray tube 300 can be accessed for configuration,use, repair/replace, etc.

However, if the configuration information is not verified, then, atblock 710, then the board 310 is disabled. For example, the tamperdetection board 310 is locked, deactivated, and/or otherwise disabled toprevent access to and/or control of the x-ray tube 300. For example, analert is sent to the tamper detector/alert generator 508 in the cloud502 indicating possible tampering with the board 310 and/or other partof the tube 300, and the board 310 is notified that its configuration isnot acceptable for use (e.g., has been tampered).

At block 712, reactivation of the board 310 is processed. For example,the board 310, edge device 504, and/or tamper detector/alert generator508 await an authorization key, such as provided via the dashboard 612on the workstation 510. Once the authorization key is provided, theconfiguration information is checked again to determine whether or notthe board 310 is acceptable for use (e.g., no longer tampered, not infact tampered, etc.). If the configuration information is not verified,then an updated/correct authentication key is awaited. If theconfiguration information can now be verified, then an acknowledgementand/or other authorization is provided to enable the board 310/tube 300at block 708.

FIG. 8 is a flow diagram of an example implementation of the method 700representative of example machine readable instructions that can beexecuted by the tamper detection board 310, cloud infrastructure 502,etc., to monitor and regulate tampering with the board 310 and/or theassociated x-ray tube 300. At block 702, the tamper detection circuitboard 310 is activated. For example, power is provided to the board 310,a button, switch, key, touchscreen, etc., is actuated, and/or othertrigger such as attempted access to the x-ray tube 300 activates theboard 310.

At block 704, the tamper detection circuit board 310 evaluates theconfiguration of the board 310 to determine whether or not the board 310has been tampered with. For example, at block 802, a configuration CRCis performed on configuration information associated with the board 310and its x-ray tube 300. For example, the processor 316 of the tamperdetection board 310 determines and evaluates a CRC for the board 310configuration, etc. At block 804, the CRC is evaluated to determinewhether or not the board 310 has likely been tampered with. For example,the processor 316 compares the determined configuration information withstored configuration information saved in the memory 318, edge device504, and/or data store 506, etc. The comparison can be computed using aCRC of the determined configuration information and the storedconfiguration information, for example. In certain examples, the edgedevice 504 facilitates verification in case the cloud 502 isdisconnected from communication with the board 310, for example. If theCRC is verified, then control proceeds to block 706. If the CRC is notverified, then control proceeds to block 710.

At block 706, if the determined configuration information is verified,then the board 310 configuration is acknowledged. At block 708, theboard 310 and/or tube 300 is enabled. For example, the board 310 isenabled so that the x-ray tube 300 can be accessed for configuration,use, repair/replace, etc.

However, if the configuration information is not verified, then, atblock 710, then the board 310 is disabled. For example, the tamperdetection board 310 is locked, deactivated, and/or otherwise disabled toprevent access to and/or control of the x-ray tube 300. For example, analert is sent to the tamper detector/alert generator 508 in the cloud502 indicating possible tampering with the board 310 and/or other partof the tube 300, and the board 310 is notified that its configuration isnot acceptable for use (e.g., has been tampered).

At block 712, reactivation of the board 310 is processed. For example,at block 806, the board 310, edge device 504, and/or tamperdetector/alert generator 508 await an authorization key, such asprovided via the dashboard 612 on the workstation 510. Once theauthorization key is provided, at block 808, the configurationinformation is checked again to determine whether or not the board 310is acceptable for use (e.g., no longer tampered, not in fact tampered,etc.). If the configuration information is not verified, then anupdated/correct authentication key is awaited. If the configurationinformation can now be verified, then, at block 810, an acknowledgementand/or other authorization is provided to enable the board 310/tube 300at block 708.

Thus, from the foregoing, it is clear that certain examples provide asensor-enabled circuit board 310 positioned on the x-ray tube 300 todetect tampering with the x-ray tube 300 and/or other x-ray systemcomponent. Once the board 310 detects tampering, the board 310 runs aninternal CRC and/or other check (e.g., on power up as well as potentialtamper detection, etc.). If the CRC does not match, then a message isrelayed to the edge device 504. The edge device 504 withholds andauthentication key and awaits authorization from the cloud 502 beforethe edge device 504 provides the authentication key to the board 310 torestart x-ray tube 300 operation, for example. A message can also begenerated indicating/alerting to the potential and/or confirmedtampering, resumption of normal operation, request for repair, etc.

In certain examples, at power-up, the edge device 504 receives the MACID of the tamper detection board 310. The MAC ID is provided to thetamper detector/alert generator 508 to check the data store 506 toverify the genuineness of the board 310. If found to be genuine, furthercommunication is permitted between the board 310 and the edge device504. To be able to store and control system configuration for the x-raytube 300, the board 310 should accept secure read, write, andauthentication of one or more keys on the tamper detection board 310.When the system is initially installed and/or when authorizedmaintenance occurs, the system configuration can be securely managed viaa cloud-based application 502 without human intervention whilemaintaining the integrity of configuration management processes,systems, etc.

The tamper detection board 310 stores an activation key issued from thecloud 502 during a first installation. The key written on volatilememory 318 can be generated using one or more secure algorithms,devices, etc. For example, a secure algorithm such as RSA, etc., can beused to generate and write the key. A combination of a plurality of keyssuch as board identifier, system identifier(s) for x-ray generator andtube(s) 300, a one-time passcode, etc., can be used to generate a key,for example. Key(s) can be passed on to a cloud based authenticationmanager 508, which hashes out another key to be stored on the volatilememory 318. When the system is reset or run, the generator checks forintegrity of the key. If the key is corrupted, the generator stops theregular functioning of the X-Ray system and flags a warning that theconfiguration has been tampered with. During installation and in case ofauthorized maintenance activities, the authentication key can beregenerated as described above to restore functionality.

With authentic spares, a provider can and/or desires to guarantee acertain quality of performance to the customer. This quality can be inquestion when spurious spares are used during maintenance. Theconfiguration management and tamper protection system 300, 600 helpsensure that the guaranteed performance is maintained for the customer.An arrangement of tamper detection board 310 combined with cloud 502offers a plurality of value propositions from genuine spare detection tonew service models in which the X-ray tube and generator can be leasedout for a prepaid time. Occasionally, spurious spares can also causedamage to other parts of the X-Ray machine. Effective configurationmanagement can thus also prevent damage due to cheap substitutes andensure guaranteed quality of service from medical devices in the field.Other direct advantages include intellectual property (IP) protection,preventing unauthorized tampering and reconstruction by unauthorizedagencies, etc. The commercial advantages come with protection of IP andwith prevention of unauthorized maintenance and tampering by thirdparties. Technical advantages include the non-invasive and passivetamper detection methods. Hence, the tube 300 is secured even aftermonths of storage and transportation against unauthorized use.

FIG. 9 is a block diagram of an example processor platform 900structured to executing the instructions of FIG. 9 to implement theexample board 310 and/or cloud infrastructure 502 of FIGS. 3-6. Theprocessor platform 900 can be, for example, a server, a personalcomputer, a mobile device (e.g., a cell phone, a smart phone, a tabletsuch as an iPad™), a personal digital assistant (PDA), an Internetappliance, or any other type of computing device.

The processor platform 900 of the illustrated example includes aprocessor 912. The processor 912 of the illustrated example is hardware.For example, the processor 912 can be implemented by integratedcircuits, logic circuits, microprocessors or controllers from anydesired family or manufacturer.

In the examples, the machine readable instructions include a program forexecution by one or more processors such as the processor 912 shown inthe example processor platform 900 discussed below in connection withFIG. 9. The machine readable instructions may be stored on a tangiblecomputer readable storage medium such as a CD-ROM, a floppy disk, a harddrive, a digital versatile disk (DVD), a Blu-ray disk, or a memoryassociated with the processor 912, but the entire program and/or partsthereof could alternatively be executed by a device other than theprocessor 912 and/or embodied in firmware or dedicated hardware.

The processor 912 of the illustrated example includes a local memory 913(e.g., a cache). The example processor 912 of FIG. 9 executes theinstructions of FIGS. 9-12 to implement the example board 310 and/orcloud infrastructure 504.

The processor 912 of the illustrated example is in communication with amain memory including a volatile memory 914 and a non-volatile memory916 via a bus 918. The volatile memory 914 may be implemented bySynchronous Dynamic Random Access Memory (SDRAM), Dynamic Random AccessMemory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM) and/or anyother type of random access memory device. The non-volatile memory 916may be implemented by flash memory and/or any other desired type ofmemory device. Access to the main memory 914, 916 is controlled by aclock controller.

The processor platform 900 of the illustrated example also includes aninterface circuit 920. The interface circuit 920 may be implemented byany type of interface standard, such as an Ethernet interface, auniversal serial bus (USB), and/or a PCI express interface.

In the illustrated example of FIG. 9, one or more input devices 922 areconnected to the interface circuit 920. The input device(s) 922permit(s) a user to enter data and commands into the processor 912. Theinput device(s) can be implemented by, for example, a sensor, amicrophone, a camera (still or video), a keyboard, a button, a mouse, atouchscreen, a track-pad, a trackball, isopoint and/or a voicerecognition system.

One or more output devices 924 are also connected to the interfacecircuit 920 of the illustrated example. The output devices 924 can beimplemented, for example, by display devices (e.g., a light emittingdiode (LED), an organic light emitting diode (OLED), a liquid crystaldisplay, a cathode ray tube display (CRT), a touchscreen, a tactileoutput device, and/or speakers). The interface circuit 920 of theillustrated example, thus, typically includes a graphics driver card, agraphics driver chip or a graphics driver processor.

The interface circuit 920 of the illustrated example also includes acommunication device such as a transmitter, a receiver, a transceiver, amodem and/or network interface card to facilitate exchange of data withexternal machines (e.g., computing devices of any kind) via a network926 (e.g., an Ethernet connection, a digital subscriber line (DSL), atelephone line, coaxial cable, a cellular telephone system, etc.).

The processor platform 900 of the illustrated example also includes oneor more mass storage devices 928 for storing software and/or data.Examples of such mass storage devices 928 include floppy disk drives,hard drive disks, compact disk drives, Blu-ray disk drives, RAIDsystems, and digital versatile disk (DVD) drives.

The coded instructions 932 of FIGS. 7-8 may be stored in the massstorage device 928, in the volatile memory 914, in the non-volatilememory 916, and/or on a removable tangible computer readable storagemedium such as a CD or DVD.

Although certain example methods, apparatus and articles of manufacturehave been described herein, the scope of coverage of this patent is notlimited thereto. On the contrary, this patent covers all methods,apparatus and articles of manufacture fairly falling within the scope ofthe claims of this patent.

What is claimed is:
 1. A circuit board device positioned with respect toan x-ray tube to detect and prevent tampering with the x-ray tube, thecircuit board device comprising: a processor and a memory, the processorto at least: determine configuration information for the circuit boarddevice; compare the determined configuration information to storedconfiguration information in the memory; when the determinedconfiguration information is verified with the stored configurationinformation, enable the circuit board device; and when the determinedconfiguration information is not verified with the stored configurationinformation, i) disable the circuit board device and ii) process boardreactivation before enabling the circuit board device, whereinprocessing the board reactivation includes verifying an activation key,the activation key to be transmitted to the circuit board device via acloud infrastructure for comparison against a stored authorization keyin the memory.
 2. The circuit board device of claim 1, wherein the boardreactivation is facilitated via an edge device in communication with thecloud infrastructure.
 3. The circuit board device of claim 1, whereinthe activation key is entered via a user interface and relayed to thecircuit board device via the cloud infrastructure.
 4. The circuit boarddevice of claim 1, wherein the processor is to compare the determinedconfiguration information to the stored configuration information usinga cyclic redundancy check.
 5. The circuit board device of claim 1,wherein the configuration information is determined based at least inpart on a media access control identifier of the circuit board device.6. The circuit board device of claim 1, wherein the circuit board deviceincludes a magnetic switch that is opened when the circuit board deviceis removed from the x-ray tube, opening of the magnetic switch erasingthe stored configuration information from the memory.
 7. The circuitboard device of claim 1, further including an energy storage device toretain configuration in the memory when external power is removed. 8.The circuit board device of claim 7, wherein disabling the circuit boarddevice includes disrupting a memory configuration of the circuit boarddevice when tampering is detected.
 9. A tangible computer readablestorage medium comprising instructions which, when executed, cause aprocessor to at least: determine configuration information for a circuitboard device associated with an x-ray tube; compare the determinedconfiguration information to stored configuration information; when thedetermined configuration information is verified with the storedconfiguration information, enable the circuit board device; and when thedetermined configuration information is not verified with the storedconfiguration information, i) disable the circuit board device and ii)process board reactivation before enabling the circuit board device,wherein processing the board reactivation includes verifying anactivation key, the activation key transmitted to the circuit boarddevice via a cloud infrastructure for comparison against a storedauthorization key in memory.
 10. The computer readable storage medium ofclaim 9, wherein the board reactivation is facilitated via an edgedevice in communication with the cloud infrastructure.
 11. The computerreadable storage medium of claim 9, wherein the activation key isentered via a user interface and relayed to the circuit board device viathe cloud infrastructure.
 12. The computer readable storage medium ofclaim 9, wherein the instructions, when executed, cause the processor tocompare the determined configuration information to the storedconfiguration information using a cyclic redundancy check.
 13. Thecomputer readable storage medium of claim 9, wherein the configurationinformation is determined based at least in part on a media accesscontrol identifier of the circuit board device.
 14. A method ofpreventing tampering with an x-ray tube, the method comprising:determining, using a processor, configuration information for a circuitboard device associated with the x-ray tube; comparing, using theprocessor, the determined configuration information to storedconfiguration information in the memory; when the determinedconfiguration information is verified with the stored configurationinformation, enabling the circuit board device; and when the determinedconfiguration information is not verified with the stored configurationinformation, i) disabling the circuit board device and ii) processingboard reactivation before enabling the circuit board device, whereinprocessing the board reactivation includes verifying an activation key,the activation key transmitted to the circuit board device via a cloudinfrastructure for comparison against a stored authorization key in thememory.
 15. The method of claim 14, wherein the board reactivation isfacilitated via an edge device in communication with the cloudinfrastructure.
 16. The method of claim 14, wherein comparing furtherincludes comparing the determined configuration information to thestored configuration information using a cyclic redundancy check.